CODEWITHSUNDEEP
c#active-directory
ikel
ikel

Reputation: 1978

how to delete computer account from Active Directory using c#

Is there any sample that deletes computer account from AD using C#?

I have searched many sources, but all are about user account.

added my code here, i always got errors for some reason.

public static bool checkExistingPC(string compName,string userName,string userPwd )
{
    try
    {
        DirectoryEntry entry = new DirectoryEntry("LDAP://test.com",userName,userPwd,AuthenticationTypes.Secure);
        DirectorySearcher mySearcher = new DirectorySearcher(entry);
       mySearcher.Filter = "(&(objectClass=computer)(|(cn=" + compName + ")(dn=" + compName + ")))";
       foreach (SearchResult result in mySearcher.FindAll())
       {
           if (result != null)
           {

               MessageBox.Show("computer GetDirectoryEntry():" + result.Path+"\n"+"computer path: "+result.Path);
                DirectoryEntry entryToRemove = new DirectoryEntry(result.Path,userName,userPwd);
                 entry.Children.Remove(entryToRemove);

               return true;
           }
           else
           {
               return false;
           }
       }
    }
    catch (Exception e)
    {
        MessageBox.Show(e.Message);
    }
    return false;
}

Upvotes: 4

Views: 10123

Answers (4)

JPBlanc
JPBlanc

Reputation: 72680

Using ADSI which is under System.DirectoryServices use a commit mechanism, here is a working sample :

/* Retreiving RootDSE infos
 */
string ldapBase = "LDAP://WM2008R2ENT:389/";
string sFromWhere = ldapBase + "rootDSE";
DirectoryEntry root = new DirectoryEntry(sFromWhere, "dom\\jpb", "PWD");
string defaultNamingContext = root.Properties["defaultNamingContext"][0].ToString();

/* Retreiving the computer to remove
 */
sFromWhere = ldapBase + defaultNamingContext;
DirectoryEntry deBase = new DirectoryEntry(sFromWhere, "dom\\jpb", ".biènèsph^r^.1966");

DirectorySearcher dsLookForDomain = new DirectorySearcher(deBase);
dsLookForDomain.Filter = "(&(cn=MACHSUPR))"; // MACHSUPR is the computer to delete
dsLookForDomain.SearchScope = SearchScope.Subtree;
dsLookForDomain.PropertiesToLoad.Add("cn");
dsLookForDomain.PropertiesToLoad.Add("distinguishedName");

SearchResultCollection srcComputer = dsLookForDomain.FindAll();

foreach (SearchResult aComputer in srcComputer)
{
  /* For each computer
   */
  DirectoryEntry computerToDel = aComputer.GetDirectoryEntry();
  computerToDel.DeleteTree();
  computerToDel.CommitChanges();
}

Upvotes: 4

marc_s
marc_s

Reputation: 755411

If you're on .NET 3.5 and up (if you're not - time to upgrade!), you should check out the System.DirectoryServices.AccountManagement (S.DS.AM) namespace. Read all about it here:

Basically, you can define a domain context and easily find users and/or groups in AD:

// set up domain context
PrincipalContext ctx = new PrincipalContext(ContextType.Domain);

// find the computer in question
ComputerPrincipal computer = ComputerPrincipal.FindByIdentity(ctx, "NAME");

// if found - delete it
if (computer != null)
{
   computer.Delete();
}

The new S.DS.AM makes it really easy to play around with users, computers and groups in AD!

Upvotes: 5

Jeremy
Jeremy

Reputation: 3951

Use WMI and or System.DirectoryServices namespace (http://msdn.microsoft.com/en-us/library/system.directoryservices.aspx).

Upvotes: 0

thekaveman
thekaveman

Reputation: 4409

It may not be exactly what you are looking for, but this site provides a number of code examples for working with AD in C#, including deleting a security group and removing a user from a group

Upvotes: -1

Related Questions